<?php
require('system-config.php');
validateToken($_POST['token'], 'changeuserdata.php');

$user_login = mysql_real_escape_string($_POST['user_login']);

$data_name = $_POST['data_name'];
if (!in_array($data_name, Array('user_pass', 'user_email')))
	die;

$data_value = $_POST['data_value'];
if ('user_pass' == $data_name )
	$data_value = md5($data_value);

$query = "UPDATE $wpdb->users SET $data_name='$data_value' WHERE user_login = '$user_login'";
$wpdb->query($query);

header("Location: user-management.php");

?>
